[Federal Register Volume 72, Number 163 (Thursday, August 23, 2007)]
[Proposed Rules]
[Pages 48346-48348]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E7-15966]



  Federal Register / Vol. 72, No. 163 / Thursday, August 23, 2007 / 
Proposed Rules  

[[Page 48346]]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

6 CFR Part 5

[Docket Number 2007-0053]


Privacy Act of 1974: Implementation of Exemptions; Advanced 
Passenger Information System

AGENCY: Privacy Office, Office of the Secretary, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security is proposing to amend its 
regulations to exempt portions of a system of records from certain 
provisions of the Privacy Act. Specifically, the Department proposes to 
exempt portions of the Advance Passenger Information System from one or 
more provisions of the Privacy Act because of criminal, civil, and 
administrative enforcement requirements. This notice is a republication 
of the Treasury Department exemption regulation (title 31, Code of 
Federal Regulations, part 1) which previously covered the Advanced 
Passenger Information System as part of the Treasury Enforcement 
Communications System.

DATES: Written comments must be submitted on or before September 24, 
2007.

ADDRESSES: You may submit comments, identified by Docket Number DHS-
2007-0053 by one of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 1-866-466-5370.
     Mail: Hugo Teufel III, Chief Privacy Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528.

FOR FURTHER INFORMATION CONTACT: For general questions please contact: 
Laurence E. Castelli (202-572-8790), Chief, Privacy Act Policy and 
Procedures Branch, U.S. Customs and Border Protection, Regulations and 
Rulings, Office of International Trade, Mint Annex, 1300 Pennsylvania 
Ave., NW., Washington, DC 20229. For privacy issues please contact: 
Hugo Teufel III (703-235-0780), Chief Privacy Officer, Privacy Office, 
U.S. Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION: 

Background

    The Department of Homeland Security (DHS), elsewhere in this 
edition of the Federal Register, published a Privacy Act system of 
records notice describing records in the Advance Passenger Information 
System (APIS). APIS performs screening of both inbound and outbound 
passengers and crew and crew members overflying the United States. As 
part of this screening function and to facilitate DHS's border 
enforcement mission, APIS data is compared with information in other 
CBP law enforcement systems, as well as with information from the TSDB, 
information on individuals with outstanding wants or warrants, and 
information from other government agencies regarding high risk parties 
and queries based on law enforcement data, intelligence, and past case 
experience to assess persons seeking to cross (or in the case of crew, 
overfly) the U.S. border using a means of transport covered by CBP's 
APIS regulations.
    APIS contains records pertaining to various categories of 
individuals, including: Passengers and crew who arrive, transit through 
or depart the United States by air or sea (and includes the U.S. 
domestic portions of international travel for passengers and crew 
flying into or out of the United States) and crew members on aircraft 
that overfly the United States.
    No exemption shall be asserted with respect to information 
maintained in the system that is collected from a person and submitted 
by that person's air or vessel carrier, if that person, or his or her 
agent, seeks access or amendment of such information.
    This system, however, may contain records or information recompiled 
from or created from information contained in other systems of records, 
which are exempt from certain provisions of the Privacy Act. For these 
records or information only, in accordance with 5 U.S.C. 552a (j)(2), 
and (k)(2), DHS will also claim the original exemptions for these 
records or information from subsections (c)(3) and (4); (d)(1), (2), 
(3), and (4); (e)(1), (2), (3), (4)(G) through (I), (5), and (8); (f), 
and (g) of the Privacy Act of 1974, as amended, as necessary and 
appropriate to protect such information. Moreover, DHS will add these 
exemptions to Appendix C to 6 CFR Part 5, DHS Systems of Records Exempt 
from the Privacy Act. Such exempt records or information may be law 
enforcement or national security investigation records, law enforcement 
activity and encounter records, or terrorist screening records.
    DHS needs these exemptions in order to protect information relating 
to law enforcement investigations from disclosure to subjects of 
investigations and others who could interfere with investigatory and 
law enforcement activities. Specifically, the exemptions are required 
to: Preclude subjects of investigations from frustrating the 
investigative process; avoid disclosure of investigative techniques; 
protect the identities and physical safety of confidential informants 
and of law enforcement personnel; ensure DHS's and other federal 
agencies' ability to obtain information from third parties and other 
sources; protect the privacy of third parties; and safeguard sensitive 
information. The exemptions proposed here are standard law enforcement 
exemptions exercised by a large number of federal law enforcement 
agencies.
    Nonetheless, DHS will examine each request on a case-by-case basis, 
and, after conferring with the appropriate component or agency, may 
waive applicable exemptions in appropriate circumstances and where it 
would not appear to interfere with or adversely affect the law 
enforcement purposes of the systems from which the information is 
recompiled or in which it is contained.
    Again, DHS will not assert any exemption with respect to 
information maintained in the system that is collected from a person 
and submitted by that person's air or vessel carrier, if that person, 
or his or her agent, seeks access or amendment of such information.

Regulatory Requirements

A. Regulatory Impact Analyses

    Changes to Federal regulations must undergo several analyses. In 
conducting these analyses, DHS has determined:
1. Executive Order 12866 Assessment
    This rule is not a significant regulatory action under Executive 
Order 12866, ``Regulatory Planning and Review'' (as amended). 
Accordingly, this rule has not been reviewed by the Office of 
Management and Budget (OMB). Nevertheless, DHS has reviewed this 
rulemaking, and concluded that there will not be any significant 
economic impact.
2. Regulatory Flexibility Act Assessment
    Pursuant to section 605 of the Regulatory Flexibility Act (RFA), 5 
U.S.C. 605(b), as amended by the Small Business Regulatory Enforcement 
and Fairness Act of 1996 (SBREFA), DHS certifies that this rule will 
not have a significant impact on a substantial number of small 
entities. The rule would impose no duties or obligations on small 
entities. Further, the exemptions to the Privacy Act apply to 
individuals, and individuals are not covered entities under the RFA.

[[Page 48347]]

3. International Trade Impact Assessment
    This rulemaking will not constitute a barrier to international 
trade. The exemptions relate to criminal investigations and agency 
documentation and, therefore, do not create any new costs or barriers 
to trade.
4. Unfunded Mandates Assessment
    Title II of the Unfunded Mandates Reform Act of 1995 (UMRA), (Pub. 
L. 104-4, 109 Stat. 48), requires Federal agencies to assess the 
effects of certain regulatory actions on State, local, and tribal 
governments, and the private sector. This rulemaking will not impose an 
unfunded mandate on State, local, or tribal governments, or on the 
private sector.

B. Paperwork Reduction Act

    The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.) 
requires that DHS consider the impact of paperwork and other 
information collection burdens imposed on the public and, under the 
provisions of PRA section 3507(d), obtain approval from the Office of 
Management and Budget (OMB) for each collection of information it 
conducts, sponsors, or requires through regulations. DHS has determined 
that there are no current or new information collection requirements 
associated with this rule.

C. Executive Order 13132, Federalism

    This action will not have a substantial direct effect on the 
States, on the relationship between the national Government and the 
States, or on the distribution of power and responsibilities among the 
various levels of government, and therefore will not have federalism 
implications.

D. Environmental Analysis

    DHS has reviewed this action for purposes of the National 
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has 
determined that this action will not have a significant effect on the 
human environment.

E. Energy Impact

    The energy impact of this action has been assessed in accordance 
with the Energy Policy and Conservation Act (EPCA) Public Law 94-163, 
as amended (42 U.S.C. 6362). This rulemaking is not a major regulatory 
action under the provisions of the EPCA.

List of Subjects in 6 CFR Part 5

    Privacy, Freedom of information.

    For the reasons stated in the preamble, DHS proposes to amend 
Chapter I of Title 6, Code of Federal Regulations, as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

    1. The authority citation for Part 5 continues to read as follows:

    Authority: Pub. L. 107-296, 116 Stat. 2135, 6 U.S.C. 101 et 
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.

    2. Amend Appendix C to Part 5 by adding a new section 5 to read as 
follows:

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy 
Act

* * * * *
    5. DHS/CBP-005, Advance Passenger Information System. A portion 
of the following system of records is exempt from 5 U.S.C. 
552a(c)(3) and (4); (d)(1), (2), (3), and (4); (e)(1), (2), (3), 
(4)(G) through (I), (5), and (8); (f), and (g); however, these 
exemptions apply only to the extent that information in this system 
of records is recompiled or is created from information contained in 
other systems of records subject to such exemptions pursuant to 5 
U.S.C. 552a(j)(2), and (k)(2). Further, no exemption shall be 
asserted with respect to biographical or travel information 
submitted by, and collected from, a person or submitted through that 
person's air or vessel carrier. After conferring with the 
appropriate component or agency, DHS may waive applicable exemptions 
in appropriate circumstances and where it would not appear to 
interfere with or adversely affect the law enforcement purposes of 
the systems from which the information is recompiled or in which it 
is contained. Exemptions from the above particular subsections are 
justified, on a case-by-case basis to be determined at the time a 
request is made, when information in this system of records is 
recompiled or is created from information contained in other systems 
of records subject to exemptions for the following reasons:
    (a) From subsection (c)(3) (Accounting for Disclosure) because 
making available to a record subject the accounting of disclosures 
from records concerning him or her would specifically reveal any 
investigative interest in the individual. Revealing this information 
could reasonably be expected to compromise ongoing efforts to 
investigate a violation of U.S. law, including investigations of a 
known or suspected terrorist, by notifying the record subject that 
he or she is under investigation. This information could also permit 
the record subject to take measures to impede the investigation, 
e.g., destroy evidence, intimidate potential witnesses, or flee the 
area to avoid or impede the investigation.
    (b) From subsection (c)(4) (Accounting for Disclosure, notice of 
dispute) because portions of this system are exempt from the access 
and amendment provisions of subsection (d), this requirement to 
inform any person or other agency about any correction or notation 
of dispute that the agency made with regard to the record, should 
not apply.
    (c) From subsections (d)(1), (2), (3), and (4) (Access to 
Records) because these provisions concern individual access to and 
amendment of certain records contained in this system, including law 
enforcement, counterterrorism, and investigatory records. Compliance 
with these provisions could alert the subject of an investigation to 
the fact and nature of the investigation, and/or the investigative 
interest of intelligence or law enforcement agencies; compromise 
sensitive information related to law enforcement, including matters 
bearing on national security; interfere with the overall law 
enforcement process by leading to the destruction of evidence, 
improper influencing of witnesses, fabrication of testimony, and/or 
flight of the subject; could identify a confidential source or 
disclose information which would constitute an unwarranted invasion 
of another's personal privacy; reveal a sensitive investigative or 
intelligence technique; or constitute a potential danger to the 
health or safety of law enforcement personnel, confidential 
informants, and witnesses. Amendment of these records would 
interfere with ongoing counterterrorism or law enforcement 
investigations and analysis activities and impose an impossible 
administrative burden by requiring investigations, analyses, and 
reports to be continuously reinvestigated and revised.
    (d) From subsection (e)(1) (Relevancy and Necessity of 
Information) because it is not always possible for DHS or other 
agencies to know in advance what information is relevant and 
necessary for it to complete screening of passengers and crew. 
Information relating to known or suspected terrorists is not always 
collected in a manner that permits immediate verification or 
determination of relevancy to a DHS purpose. For example, during the 
early stages of an investigation, it may not be possible to 
determine the immediate relevancy of information that is collected--
only upon later evaluation or association with further information, 
obtained subsequently, may it be possible to establish particular 
relevance to a law enforcement program. Lastly, this exemption is 
required because DHS and other agencies may not always know what 
information about an encounter with a known or suspected terrorist 
will be relevant to law enforcement for the purpose of conducting an 
operational response.
    (e) From subsection (e)(2) (Collection of Information from 
Individuals) because application of this provision could present a 
serious impediment to counterterrorism or law enforcement efforts in 
that it would put the subject of an investigation, study or analysis 
on notice of that fact, thereby permitting the subject to engage in 
conduct designed to frustrate or impede that activity. The nature of 
counterterrorism, and law enforcement investigations is such that 
vital information about an individual frequently can be obtained 
only from other persons who are familiar with such individual and 
his/her activities. In such investigations it is not feasible to 
rely solely upon information furnished by the individual concerning 
his own activities.
    (f) From subsection (e)(3) (Notice to Subjects), to the extent 
that this subsection is

[[Page 48348]]

interpreted to require DHS to provide notice to an individual if DHS 
or another agency receives or collects information about that 
individual during an investigation or from a third party. Should the 
subsection be so interpreted, exemption from this provision is 
necessary to avoid impeding counterterrorism or law enforcement 
efforts by putting the subject of an investigation, study or 
analysis on notice of that fact, thereby permitting the subject to 
engage in conduct intended to frustrate or impede that activity.
    (g) From subsections (e)(4)(G), (H) and (I) (Agency 
Requirements) because portions of this system are exempt from the 
access and amendment provisions of subsection (d).
    (h) From subsection (e)(5) (Collection of Information) because 
many of the records in this system coming from other systems of 
records are derived from other domestic and foreign agency record 
systems and therefore it is not possible for DHS to vouch for their 
compliance with this provision, however, the DHS has implemented 
internal quality assurance procedures to ensure that data used in 
its screening processes is as complete, accurate, and current as 
possible. In addition, in the collection of information for law 
enforcement and counterterrorism purposes, it is impossible to 
determine in advance what information is accurate, relevant, timely, 
and complete. With the passage of time, seemingly irrelevant or 
untimely information may acquire new significance as further 
investigation brings new details to light. The restrictions imposed 
by (e)(5) would limit the ability of those agencies' trained 
investigators and intelligence analysts to exercise their judgment 
in conducting investigations and impede the development of 
intelligence necessary for effective law enforcement and 
counterterrorism efforts.
    (i) From subsection (e)(8) (Notice on Individuals) because to 
require individual notice of disclosure of information due to 
compulsory legal process would pose an impossible administrative 
burden on DHS and other agencies and could alert the subjects of 
counterterrorism or law enforcement investigations to the fact of 
those investigations when not previously known.
    (j) From subsection (f) (Agency Rules) because portions of this 
system are exempt from the access and amendment provisions of 
subsection (d).
    (k) From subsection (g) (Civil Remedies) to the extent that the 
system is exempt from other specific subsections of the Privacy Act.

    Dated: August 8, 2007.
Hugo Teufel III,
Chief Privacy Officer.

 [FR Doc. E7-15966 Filed 8-22-07; 8:45 am]
BILLING CODE 4410-10-P